Sunday, February 13, 2011

Egyptian Intifada: Did Israel have a hand in Egypt’s Internet blackout?

Just after midnight on Friday, January 28, following three days of popular demonstrations calling for the ouster of longstanding Egyptian president Hosni Mubarak, Internet access (along with mobile-phone communications) in Cairo, Alexandria and the northern canal city of Suez — where demonstrations were most intense — was abruptly cut. The Internet remained inaccessible for the next three days.

Now reports have emerged in the Hebrew- and Arabic-language press that the Mubarak regime had sought Israel’s help in imposing the Internet blackout. On February 9, Egyptian Arabic-language news website Youm al-Sabea, citing reports in Hebrew-language daily Yedioth Ahronoth published the same day, asserted that the Egyptian regime had “requested the assistance of Israeli technicians to disrupt Egypt’s Internet network with the aim of quelling the revolution.”

The Youm al-Sabea report reads:

Israeli newspaper Yedioth Ahronoth has revealed that the Egyptian [Mubarak] regime used cutting-edge Israeli techniques to disrupt Internet connectivity throughout Egypt, preventing Egyptians from accessing the Internet for the first week of the Tahrir Revolution, which began on January 25.

The newspaper, in its economy supplement, reported that Egypt’s ruling regime had been forced to request the assistance of Israeli technicians to disrupt Egypt’s Internet network with the aim of quelling the revolution by thousands of demonstrators who assembled in [Cairo's] Tahrir Square late last month to demand…Mubarak’s ouster.

Yedioth Ahronoth cited statements by a high-level communications source who said that the Israeli software company Narus had designed the advanced software used to paralyze the Internet in Egypt. The newspaper noted that the Israeli company has had a longstanding relationship with Egypt’s largest public-sector company for communications and Internet services [this presumably refers to government-owned TE Data, see below], with which it provides additional special systems.

The Israeli company also provides similar services to communications companies in Saudi Arabia and Pakistan, and is specialized in the production of supercomputers used by intelligence agencies worldwide for numerous applications, such as phone-taps; tracking voice communications on the Internet [presumably Skype, see below]; recording email and browsing habits; and disrupting Internet connectivity in any country at any time if needed.

Israeli dailies Yedioth Ahronoth and Haaretz both pointed to the fact that Israeli President Shimon Peres indirectly admitted the veracity of these reports at Israel’s annual security conference in Hertzliya on Tuesday, where he noted that, despite the restrictions and surveillance that governments are able to impose on the Internet, the media and Internet nevertheless played major roles in the eruption of popular uprisings in Egypt and Tunisia.

Notably, Israeli software company Narus (http://www.narus.com/) is also mentioned in the following article from the Huffington Post (which refers to it as a ‘US corporation’), published on the third day of the uprising:
One US corporation’s role in Egypt’s brutal crackdown
The Huffington Post; January 28, 2011

The open Internet’s role in popular uprising is now undisputed. Look no further than Egypt, where the Mubarak regime today reportedly shut down Internet and cell phone communications — a troubling predictor of the fierce crackdown that has followed.

What’s even more troubling is news that one American company is aiding Egypt’s harsh response through sales of technology that makes this repression possible.

The Internet’s favorite offspring — Twitter, Facebook and YouTube — are now heralded on CNN, BBC and Fox News as flag-bearers for a new era of citizen journalism and activism. (More and more these same news organizations have abandoned their own, more traditional means of newsgathering to troll social media for breaking information.)

But the open Internet’s power cuts both ways: The tools that connect, organize and empower protesters can also be used to hunt them down.

Telecom Egypt, the nation’s dominant phone and Internet service provider, is a state-run enterprise, which made it easy on Friday morning for authorities to pull the plug and plunge much of the nation into digital darkness.

Moreover, Egypt also has the ability to spy on Internet and cell phone users, by opening their communication packets and reading their contents. Iran used similar methods during the 2009 unrest to track, imprison and in some cases, “disappear” truckloads of cyber-dissidents.

The companies that profit from sales of this technology need to be held to a higher standard. One in particular is an American firm, Narus of Sunnyvale, California, which has sold Telecom Egypt “real-time traffic intelligence” equipment.

Narus, now owned by Boeing, was founded in 1997 by Israeli security experts (see below) to create and sell mass surveillance systems for governments and large corporate clients.

The company is best known for creating NarusInsight, a supercomputer system which is allegedly used by the National Security Agency and other entities to perform mass, real-time surveillance and monitoring of public and corporate Internet communications in real time.

Other Narus global customers include the national telecommunications authorities in Pakistan and Saudi Arabia — two countries that regularly register alongside Egypt near the bottom of Human Rights Watch’s world report.

“Anything that comes through (an Internet protocol network), we can record,” Steve Bannerman, Narus’ marketing vice president, once boasted to Wired about the service. “We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on; we can reconstruct their (Voice Over Internet Protocol) calls.”

Other North American and European companies are selling DPI to enable their business customers “to see, manage and monetize individual flows to individual subscribers.” But this “Internet-enhancing” technology has been sought out by regimes in Iran, China and Burma for more brutal purposes.

In addition to Narus, there are a number of companies, including many others in the United States, that produce and traffic in similar spying and control technology. This list of DPI providers includes Procera Networks (USA), Allot (Israel), Ixia (USA), AdvancedIO (Canada) and Sandvine (Canada), among others.

These companies typically partner with Internet Service Providers to insert DPI along the main arteries of the Web. All Net traffic in and out of Iran, for example, travels through one portal — the Telecommunications Company of Iran — which facilitates the use of DPI.

When commercial network operators use DPI, the privacy of Internet users is compromised. But in government hands, the use of DPI can crush dissent and lead to human rights violations.

While the Huffington Post refers to Narus as a “US corporation,” Israeli daily Haaretz notes in the following article from 2006 that the firm was founded by “Dr. Ori Cohen, Stas Khirman and four other guys in Israel.”

Ori Cohen, private eyeHaaretz (Israel); July 11, 2006

If you’ve been keeping track of American Internet and the battles over surfer privacy, then you have run into the name Narus, which specializes in tapping surfer traffic. It was founded in 1997 by Dr Ori Cohen, Stas Khirman and four other guys in Israel.

For years Narus sailed on untroubled. But today it’s become associated with the likes of Carnivore or Echelon, the notorious software programs that have become linked with spying on email and delivering data on surfers to government agencies.

The image change Narus has suffered and its frequent mentions in debates on privacy and the freedom of information, is mainly because of Mark Klein. That would be a technician retired from AT&T for 22 years, who reported to the American authorities a few months ago that he suspected AT&T of allowing the National Security Agency to bug its customers’ phone calls.

Customer Internet traffic via the WorldNet service provider was reportedly shunted to data-mining technology in a secret room at AT&T facilities. The data analysis technology was made by Narus.

The scandal doesn’t seem to have bothered Narus much: it takes pride in various forums in the quality of its offerings. Its products enable ISPs and phone companies to monitor and manage their networks, detect illegal intrusions — and tap calls. Nor is Narus shy of declaring AT&T to be one of its customers.

Even though the Electronic Frontier Foundation, which is striving to protect surfer privacy, has decided to sue the NSA in order to find out the scope of Washington’s spying on the people, Narus still has nothing official to say about the affair.

If anything, Narus’ management happily notes reports on its products, which are involved in countless weird and wonderful projects, including monitoring and blocking of voice and data over Internet. It proudly notes that its products are well used in countries such as China and Saudi Arabia, not really bastions of human rights.

It appears the Narus technology is used there to monitor surfing by the people, and blocking the use of Internet telephone technology such as Skype, which make monitoring communications very hard.

Narus says that its software can monitor and block Skype’s communications protocol, other VoIP programs, P2P (peer to peer) networks (such as Kazaa), instant messaging software, email traffic and many other protocols too. When installed on the infrastructure of an Internet provider, it can do all that too, monitoring unbelievably huge amounts of data up to ten gigas per second.

Big in Tripoli

Another factoid in which Narus takes pride is its giant agreement with Giza Systems of Cairo. That Egyptian integration and communications company paid Narus several million dollars to install its bugging and blocking software on networks in Saudi Arabia, Libya, Egypt, and even in the Palestinian Authority.

But how is it that in the Middle East of 2006, Saudi Arabia, Libya and the like are buying technology developed by Israelis, funded by Israeli venture capital?

Walden Israel was one of the first backers behind Narus, but it says it’s severed all contact. General Partner Roni Hefetz says it hasn’t been involved in the company for years. However, the Walden international fund has picked up the slack, continuing to invest in Narus throughout. Narus even has a Walden man on its board.

Narus has morphed from an Israeli company into an American one. But it hasn’t been sold or floated, despite earlier ambitions. Where are the Israelis? Their involvement is hard to pin down, including that of legendary founder Dr. Ori Cohen, who’d been so happy to grant interviews; or the chief technology officer Stas Khirman. Did they abandon Internet bugging?

Cright on!

Apparently not. It is very possible that Cohen and Khirman are working at a startup that nobody is willing to talk about. A stealthy startup they helped found called Cright that has lots of employees in Israel and California, and which is reportedly about to avail itself of Ukrainian development talent too. Almost nobody has heard of Cright and nobody at all, including its distinguished investors, is willing to discuss what it does.

Sequoia Israel, the Rolls Royce of the technological venture capital world, is whispered to have invested $7 million in Cright together with Charles River. But the enigmatic startup is not mentioned on the Sequoia site, which otherwise describes the portfolio very thoroughly. Nor does the Charles River site mention it.

Nor could I glean any information about the company or about the Narus people manning it. Cright has a website (www.cright.com), a naked one that reveals nothing: and has taken a vow of utter silence.

Market sources surmise that Cright is tight-lipped because what it does would spark outrage among surfers jealous of their privacy, which could culminate in migraines for the startup and its backers. The last thing these financiers need is bad press, especially as other products in which they invested, such as Jajah, are striving to gain adulation among the online community.

In today’s online world, surfers can make the connection between investment in one company and in another. If Fund X invests in DevilIncarnate.com, and surfers find it out, they could hurt its investment in Angel.net.

The prying eye

But that is assuming that Ori Cohen and Stas Khirman are still working on products that analyze Internet traffic, and possibly, that this time their prying eye is looking at private surfers.

Industry sources in the know claim they’re harnessing Israeli developers to develop a DRM product designed for installation at Internet providers, which will among other things frustrate file sharing and peer-2-peer networks. These sources say Cright (could that be short for copyright?) is supposed to filter P2P networks, to monitor and analyze files being shared, and possibly to shut down errant P2P network, or at least to block certain content.

In other words, if may be a new twist on the old trick of monitoring the Internet’s main line, analyzing content, and interfering with it, just as Narus says it does in Saudi Arabia.

Cright’s ambitions may be disclosed by the appointment of Ed Kozel as its CEO. Kozel hails from Cisco and Yahoo. But isn’t Ori Cohen Cright’s CEO? I don’t know, or maybe they’re both co-CEOs, maybe the company has two CEOs because it’s going in two different directions at once.

If I had to guess, I’d guess that Cright means to launch some product related to online advertising. To guess on, I’d think it connects financed ads or links to personal content that Cright uncovers using its data mining capacities. Could that be? Selling ads based on breaking down data from traffic? I think it could.

Finally, it’s worth noting that an Egyptian national, arrested by Egyptian authorities last year on charges of spying for Israel, claimed that his Mossad handlers had told him that Israel was behind the days-long Internet outage that hit several countries of the Middle East (but not Israel) in 2008.

Israeli sabotage was behind the nationwide crippling of Egypt’s Internet in 2008, according to an alleged Mossad agent. The accused agent, Abdel Razeq Hussein Hassan, is an Egyptian businessman who was arrested earlier this year by Egyptian counterintelligence and is accused of working for the Israeli spy agency. Two of his alleged Israeli handlers, Joseph Daymour and Idid Moushay, are reportedly on the run and are wanted by the Egyptian government.

Hassan is due to go on trial next month, but transcripts of his interrogation records have been leaked to Egyptian media. In one instance, Hassan appears to tell his police interrogators that a team of Mossad operatives deliberately cut two undersea cables about 5 miles off the north Egyptian port city of Alexandria, disrupting the country’s Internet service for several days.

An article in Britain’s The Daily Telegraphclaims erroneously that the disruptions, occurred in December of 2008 and were “blamed at the time on damage [...] caused by a ship’s anchor”. In reality, the undersea cables were cut on January 30, 2008, and there was no connection to anchors or anything similar, which does raise suspicions.

Still, the possibility must be considered that Hassan’s revelation may have been extracted by his interrogators through torture, or that it may be part of a controlled leak — true, overstated, or downright false — by Egyptian counterintelligence.

Whatever the truth behind this is, what is missing is the strategic motive that would have caused the Mossad to sabotage Egypt’s nationwide Internet data delivery at a time when the governments of the two countries were entering a period of rapprochement.